On 05/07/2016 01:08 PM, Abderrahman Najjar wrote:
On Sat, May 7, 2016 at 10:58 AM, Carsten Mattner firstname.lastname@example.org wrote:
Why not VeraCrypt?
For cryptography its also about trust and TrueCrypt still has zero problems that are related to its cryptographic security.
I don't say VeraCrypt is bad and don't want to judge about that at all in this statement, but it also depends from whom you want to protect your data and TrueCrypt has built up a very high trust level over a very long time period. Especially because of the anonymity of the dev(s) it was not able to think about upstream backdoor scenarios by blackmailing them (which is not a too absurd if you look at the current political discussions all over the world and 3-letter agencies going nuts).
TL;DR: It is still bad that it is broken... but I have already investigated this issue some time ago as I wanted to help to fix this (at the end I just forgot about it -.-). I'm volunteering to aid the current maintainer and propose a simple fix around next week. I still see enough value for TrueCrypt to keep it.